Daily Archives: 2023-10-11

Tiny Linux on a No-MMU RISC-V Microcontroller

Source: Hack a Day

Article note: I went to find documentation about the current state of nommu Linux systems the other day and things are _rough_ documentation-wise and mostly alarmingly out of date. This (and its sister article) actually strings together all the details in a comprehensible way, which is super nice.

In the vast majority of cases, running a Linux-based operating system involves a pretty powerful processor with a lot of memory on hand, and perhaps most importantly, a memory management unit, or MMU. This is a piece of hardware which manages virtual memory, seamlessly giving each process its own memory sandbox in which it shouldn’t be able to rain on its neighbours’ parade. If there’s no MMU all is not lost though, and [Uros Popovic] gives us a complete guide to building the MMU-less μClinux on a RISC-V microcontroller.

The result is something of a Linux-from-scratch for this platform and kernel flavour, but it’s so much more than that aside from its step-by-step explanation. It’s probable that most of us have heard something of μClinux but have little direct knowledge of it, and he leads us through its workings as well as its limitations. As examples, standard ELF binaries aren’t suitable for these systems, and programmers need to use memory-safe techniques.

Whether or not any of you will run with this guide and build a tiny MMU-less Linux system, anything which expands our knowledge on the subject has to be a good thing. it’s not the first time we’ve seen a RISC-V microcontroller turned to this task, with a nifty trick to get round the limitations of a particular architecture.

Posted in News | Leave a comment

Coordinated Disclosure: 1-Click RCE on Gnome (CVE-2023-43641)

Source: Hacker News

Article note: Automated background metadata scanning is a huge source of vulnerabilities in general. It's parsers. Hand-coded in C. That the caller probably didn't look at, because it's in some library from the dark ages. For old poorly structured formats. Running unattended in system processes.
Comments
Posted in News | Leave a comment